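Техническая информация
Ниже перечислены следы, оставленные образцом в системе: записи реестра, командные строки запущенных процессов, операции с файлами и имена классов окон. По-видимому, имена вида is-XXXXX.tmp являются временными именами установщика и меняются от запуска к запуску, а SID в параметре __IRSID относится к системе, на которой выполнялся анализ; для обнаружения надёжнее использовать конечные пути в %PROGRAM_FILES%\IDA и ключи реестра.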
Записи реестра (ключ, имя значения и данные):
- [<HKLM>\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9819CC0E-9669-4D01-9CD7-2C66DA43AC6C}] 'Exec' = '%PROGRAM_FILES%\IDA\ida.exe'
- [<HKLM>\SOFTWARE\Classes\IDAFile\shell\open\command] '' = '%PROGRAM_FILES%\IDA\ida.exe "%L"'
Командные строки запущенных процессов:
- '%TEMP%\is-3PBDM.tmp\idasetup.tmp' /SL5="$200E6,4508037,54272,%TEMP%\_ir_sf_temp_0\idasetup.exe" /SILENT
- '%TEMP%\_ir_sf_temp_0\idasetup.exe' /SILENT
- '%TEMP%\_ir_sf_temp_0\irsetup.exe' __IRAOFF:1740146 "__IRAFN:<Полный путь к вирусу>" "__IRCT:0" "__IRTSS:0" "__IRSID:S-1-5-21-2052111302-484763869-725345543-1003"
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\regsvr32.exe' /s "%PROGRAM_FILES%\IDA\idaiehlp.dll"
- '<SYSTEM32>\regsvr32.exe' /s "%PROGRAM_FILES%\IDA\idaie.dll"
Пути к файлам (по-видимому, список создаваемых файлов; подзаголовок в исходном тексте утрачен):
- %PROGRAM_FILES%\IDA\Languages\is-HV0QG.tmp
- %PROGRAM_FILES%\IDA\Languages\is-R5BK0.tmp
- %PROGRAM_FILES%\IDA\Languages\is-UDJPO.tmp
- %PROGRAM_FILES%\IDA\Languages\is-8QGUA.tmp
- %PROGRAM_FILES%\IDA\Languages\is-ATCI6.tmp
- %PROGRAM_FILES%\IDA\Languages\is-G1I8S.tmp
- %PROGRAM_FILES%\IDA\Languages\is-4P00J.tmp
- %PROGRAM_FILES%\IDA\Languages\is-HLUES.tmp
- %PROGRAM_FILES%\IDA\Languages\is-4MKEK.tmp
- %PROGRAM_FILES%\IDA\Languages\is-LFVLN.tmp
- %PROGRAM_FILES%\IDA\Languages\is-10HTO.tmp
- %PROGRAM_FILES%\IDA\Languages\is-AF7J6.tmp
- %PROGRAM_FILES%\IDA\Languages\is-U5F15.tmp
- %PROGRAM_FILES%\IDA\Languages\is-3AA87.tmp
- %PROGRAM_FILES%\IDA\Languages\is-PH2TR.tmp
- %PROGRAM_FILES%\IDA\Languages\is-14RMC.tmp
- %PROGRAM_FILES%\IDA\Languages\is-4J3PI.tmp
- %PROGRAM_FILES%\IDA\Languages\is-H7DOP.tmp
- %PROGRAM_FILES%\IDA\Languages\is-1DOO4.tmp
- %PROGRAM_FILES%\IDA\Languages\is-LS6FJ.tmp
- %PROGRAM_FILES%\IDA\Languages\is-9OQ96.tmp
- %PROGRAM_FILES%\IDA\Languages\is-TLP55.tmp
- %PROGRAM_FILES%\IDA\Languages\is-5UMHV.tmp
- %PROGRAM_FILES%\IDA\Languages\is-BIOR9.tmp
- %PROGRAM_FILES%\IDA\Languages\is-Q9V6I.tmp
- %ALLUSERSPROFILE%\Start Menu\Programs\Internet Download Accelerator\Internet Download Accelerator.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\Internet Download Accelerator\Help.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\Internet Download Accelerator\License.lnk
- %PROGRAM_FILES%\IDA\is-G0A3J.tmp
- %PROGRAM_FILES%\IDA\is-MRCPS.tmp
- %PROGRAM_FILES%\IDA\is-NI7HH.tmp
- %PROGRAM_FILES%\IDA\unins000.dat
- %TEMP%\www.softpir.com Setup Log.txt
- %ALLUSERSPROFILE%\Desktop\Unattended Soft.url
- %ALLUSERSPROFILE%\Start Menu\Programs\Internet Download Accelerator\Uninstall IDA.lnk
- %HOMEPATH%\Desktop\Internet Download Accelerator.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Download Accelerator.lnk
- %PROGRAM_FILES%\IDA\Languages\is-8NUCS.tmp
- %PROGRAM_FILES%\IDA\Languages\is-VNE72.tmp
- %PROGRAM_FILES%\IDA\Languages\is-CIID7.tmp
- %PROGRAM_FILES%\IDA\Languages\is-0RCSE.tmp
- %PROGRAM_FILES%\IDA\Languages\is-0CH14.tmp
- %PROGRAM_FILES%\IDA\Languages\is-33CCS.tmp
- %PROGRAM_FILES%\IDA\Languages\is-PCS7S.tmp
- %PROGRAM_FILES%\IDA\Languages\is-LUI4J.tmp
- %PROGRAM_FILES%\IDA\Languages\is-NKVHC.tmp
- %PROGRAM_FILES%\IDA\Languages\is-QPOS9.tmp
- %PROGRAM_FILES%\IDA\Languages\is-DJOOT.tmp
- %PROGRAM_FILES%\IDA\Languages\is-ASTU6.tmp
- %PROGRAM_FILES%\IDA\is-S21JA.tmp
- %PROGRAM_FILES%\IDA\is-UNNAM.tmp
- %PROGRAM_FILES%\IDA\is-KCDGR.tmp
- %PROGRAM_FILES%\IDA\is-8JBBH.tmp
- %PROGRAM_FILES%\IDA\is-C2TM2.tmp
- %PROGRAM_FILES%\IDA\is-C6152.tmp
- %PROGRAM_FILES%\IDA\is-LSPC3.tmp
- %PROGRAM_FILES%\IDA\is-70HP3.tmp
- %PROGRAM_FILES%\IDA\is-VAJLE.tmp
- %PROGRAM_FILES%\IDA\is-OMK5V.tmp
- %PROGRAM_FILES%\IDA\is-OLJUN.tmp
- %PROGRAM_FILES%\IDA\is-E3J6N.tmp
- %TEMP%\_ir_sf_temp_0\IRIMG1.JPG
- %TEMP%\_ir_sf_temp_0\IRIMG2.JPG
- %TEMP%\_ir_sf_temp_0\idasetup.exe
- %TEMP%\_ir_sf_temp_0\irsetup.exe
- %TEMP%\_ir_sf_temp_0\lua5.1.dll
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %PROGRAM_FILES%\IDA\is-4L2L0.tmp
- %PROGRAM_FILES%\IDA\is-DNSKN.tmp
- %PROGRAM_FILES%\IDA\is-D3OAF.tmp
- %TEMP%\is-3PBDM.tmp\idasetup.tmp
- %TEMP%\is-IDP1G.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-IDP1G.tmp\_isetup\_shfoldr.dll
- %PROGRAM_FILES%\IDA\is-TKCBD.tmp
- %PROGRAM_FILES%\IDA\Skins\is-UAQBI.tmp
- %PROGRAM_FILES%\IDA\Skins\is-CE2V9.tmp
- %PROGRAM_FILES%\IDA\Plugins\is-3JV02.tmp
- %PROGRAM_FILES%\IDA\Sounds\is-D9E0H.tmp
- %PROGRAM_FILES%\IDA\Sounds\is-S8JBB.tmp
- %PROGRAM_FILES%\IDA\Sounds\is-HAVCM.tmp
- %PROGRAM_FILES%\IDA\Languages\is-UMK5I.tmp
- %PROGRAM_FILES%\IDA\Languages\is-K18DO.tmp
- %PROGRAM_FILES%\IDA\Languages\is-V9070.tmp
- %PROGRAM_FILES%\IDA\Plugins\is-U37RA.tmp
- %PROGRAM_FILES%\IDA\Plugins\is-B8BNN.tmp
- %PROGRAM_FILES%\IDA\Plugins\is-8PTAV.tmp
- %PROGRAM_FILES%\IDA\is-0F58G.tmp
- %PROGRAM_FILES%\IDA\is-PNQ2T.tmp
- %PROGRAM_FILES%\IDA\is-MRLH6.tmp
- %PROGRAM_FILES%\IDA\is-8AS2G.tmp
- %PROGRAM_FILES%\IDA\is-F8O48.tmp
- %PROGRAM_FILES%\IDA\is-8NFK8.tmp
- %PROGRAM_FILES%\IDA\is-17MDK.tmp
- %PROGRAM_FILES%\IDA\is-O6H14.tmp
- %PROGRAM_FILES%\IDA\Sounds\is-1TTUQ.tmp
- %PROGRAM_FILES%\IDA\is-3S7BT.tmp
- %PROGRAM_FILES%\IDA\is-TSJHN.tmp
- %PROGRAM_FILES%\IDA\is-JQNG0.tmp
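Пути к файлам, перечисленные повторно (по-видимому, список удаляемых файлов; подзаголовок в исходном тексте утрачен):
- %TEMP%\_ir_sf_temp_0\irsetup.exe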
- %TEMP%\_ir_sf_temp_0\idasetup.exe
- %TEMP%\_ir_sf_temp_0\lua5.1.dll
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\_ir_sf_temp_0\IRIMG2.JPG
- %TEMP%\is-IDP1G.tmp\_isetup\_RegDLL.tmp
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %TEMP%\is-IDP1G.tmp\_isetup\_shfoldr.dll
- %TEMP%\_ir_sf_temp_0\IRIMG1.JPG
- %TEMP%\is-3PBDM.tmp\idasetup.tmp
Перемещение или переименование файлов (исходный путь «в» конечный путь):
- %PROGRAM_FILES%\IDA\Languages\is-ATCI6.tmp в %PROGRAM_FILES%\IDA\Languages\Hungarian.lng
- %PROGRAM_FILES%\IDA\Languages\is-G1I8S.tmp в %PROGRAM_FILES%\IDA\Languages\Italian.lng
- %PROGRAM_FILES%\IDA\Languages\is-8QGUA.tmp в %PROGRAM_FILES%\IDA\Languages\Hebrew.lng
- %PROGRAM_FILES%\IDA\Languages\is-LS6FJ.tmp в %PROGRAM_FILES%\IDA\Languages\German.lng
- %PROGRAM_FILES%\IDA\Languages\is-9OQ96.tmp в %PROGRAM_FILES%\IDA\Languages\Greek.lng
- %PROGRAM_FILES%\IDA\Languages\is-LFVLN.tmp в %PROGRAM_FILES%\IDA\Languages\Montenegrin.lng
- %PROGRAM_FILES%\IDA\Languages\is-10HTO.tmp в %PROGRAM_FILES%\IDA\Languages\Persian.lng
- %PROGRAM_FILES%\IDA\Languages\is-UDJPO.tmp в %PROGRAM_FILES%\IDA\Languages\Lithuanian.lng
- %PROGRAM_FILES%\IDA\Languages\is-HV0QG.tmp в %PROGRAM_FILES%\IDA\Languages\Japanese.lng
- %PROGRAM_FILES%\IDA\Languages\is-R5BK0.tmp в %PROGRAM_FILES%\IDA\Languages\Korean.lng
- %PROGRAM_FILES%\IDA\Languages\is-U5F15.tmp в %PROGRAM_FILES%\IDA\Languages\Chinese(Traditional).lng
- %PROGRAM_FILES%\IDA\Languages\is-3AA87.tmp в %PROGRAM_FILES%\IDA\Languages\Croatian.lng
- %PROGRAM_FILES%\IDA\Languages\is-H7DOP.tmp в %PROGRAM_FILES%\IDA\Languages\Chinese(Simplified).lng
- %PROGRAM_FILES%\IDA\Languages\is-14RMC.tmp в %PROGRAM_FILES%\IDA\Languages\Bosnian.lng
- %PROGRAM_FILES%\IDA\Languages\is-4J3PI.tmp в %PROGRAM_FILES%\IDA\Languages\Bulgarian.lng
- %PROGRAM_FILES%\IDA\Languages\is-BIOR9.tmp в %PROGRAM_FILES%\IDA\Languages\English.lng
- %PROGRAM_FILES%\IDA\Languages\is-1DOO4.tmp в %PROGRAM_FILES%\IDA\Languages\French.lng
- %PROGRAM_FILES%\IDA\Languages\is-5UMHV.tmp в %PROGRAM_FILES%\IDA\Languages\Dutch.lng
- %PROGRAM_FILES%\IDA\Languages\is-PH2TR.tmp в %PROGRAM_FILES%\IDA\Languages\Czech.lng
- %PROGRAM_FILES%\IDA\Languages\is-TLP55.tmp в %PROGRAM_FILES%\IDA\Languages\Danish.lng
- %PROGRAM_FILES%\IDA\Languages\is-ASTU6.tmp в %PROGRAM_FILES%\IDA\Languages\Turkish1.lng
- %PROGRAM_FILES%\IDA\Languages\is-PCS7S.tmp в %PROGRAM_FILES%\IDA\Languages\Ukrainian.lng
- %PROGRAM_FILES%\IDA\Languages\is-DJOOT.tmp в %PROGRAM_FILES%\IDA\Languages\Turkish.lng
- %PROGRAM_FILES%\IDA\Languages\is-CIID7.tmp в %PROGRAM_FILES%\IDA\Languages\Swedish.lng
- %PROGRAM_FILES%\IDA\Languages\is-QPOS9.tmp в %PROGRAM_FILES%\IDA\Languages\Translit.lng
- %PROGRAM_FILES%\IDA\is-MRCPS.tmp в %PROGRAM_FILES%\IDA\infoziplicense.txt
- %PROGRAM_FILES%\IDA\is-NI7HH.tmp в %PROGRAM_FILES%\IDA\referers.txt
- %PROGRAM_FILES%\IDA\is-G0A3J.tmp в %PROGRAM_FILES%\IDA\license.txt
- %PROGRAM_FILES%\IDA\Languages\is-LUI4J.tmp в %PROGRAM_FILES%\IDA\Languages\Uzbek.lng
- %PROGRAM_FILES%\IDA\Languages\is-NKVHC.tmp в %PROGRAM_FILES%\IDA\Languages\charsets.txt
- %PROGRAM_FILES%\IDA\Languages\is-4MKEK.tmp в %PROGRAM_FILES%\IDA\Languages\Romanian.lng
- %PROGRAM_FILES%\IDA\Languages\is-Q9V6I.tmp в %PROGRAM_FILES%\IDA\Languages\Romanian_no_diacritics.lng
- %PROGRAM_FILES%\IDA\Languages\is-HLUES.tmp в %PROGRAM_FILES%\IDA\Languages\Portuguese.lng
- %PROGRAM_FILES%\IDA\Languages\is-AF7J6.tmp в %PROGRAM_FILES%\IDA\Languages\Polish.lng
- %PROGRAM_FILES%\IDA\Languages\is-4P00J.tmp в %PROGRAM_FILES%\IDA\Languages\Portuguese(Brazil).lng
- %PROGRAM_FILES%\IDA\Languages\is-8NUCS.tmp в %PROGRAM_FILES%\IDA\Languages\Slovenian.lng
- %PROGRAM_FILES%\IDA\Languages\is-VNE72.tmp в %PROGRAM_FILES%\IDA\Languages\Spanish.lng
- %PROGRAM_FILES%\IDA\Languages\is-33CCS.tmp в %PROGRAM_FILES%\IDA\Languages\Slovak.lng
- %PROGRAM_FILES%\IDA\Languages\is-0RCSE.tmp в %PROGRAM_FILES%\IDA\Languages\Russian.lng
- %PROGRAM_FILES%\IDA\Languages\is-0CH14.tmp в %PROGRAM_FILES%\IDA\Languages\Serbian.lng
- %PROGRAM_FILES%\IDA\is-70HP3.tmp в %PROGRAM_FILES%\IDA\idabar.dll
- %PROGRAM_FILES%\IDA\is-VAJLE.tmp в %PROGRAM_FILES%\IDA\idabar.xpi
- %PROGRAM_FILES%\IDA\is-LSPC3.tmp в %PROGRAM_FILES%\IDA\idaiehlp.dll
- %PROGRAM_FILES%\IDA\is-OLJUN.tmp в %PROGRAM_FILES%\IDA\idaieall.htm
- %PROGRAM_FILES%\IDA\is-E3J6N.tmp в %PROGRAM_FILES%\IDA\goback.htm
- %PROGRAM_FILES%\IDA\is-8NFK8.tmp в %PROGRAM_FILES%\IDA\ida_chrome.crx
- %PROGRAM_FILES%\IDA\is-0F58G.tmp в %PROGRAM_FILES%\IDA\unrar.dll
- %PROGRAM_FILES%\IDA\is-F8O48.tmp в %PROGRAM_FILES%\IDA\npida.dll
- %PROGRAM_FILES%\IDA\is-TKCBD.tmp в %PROGRAM_FILES%\IDA\ida-ff.xpi
- %PROGRAM_FILES%\IDA\is-8AS2G.tmp в %PROGRAM_FILES%\IDA\idaremote.xpi
- %PROGRAM_FILES%\IDA\is-8JBBH.tmp в %PROGRAM_FILES%\IDA\ida.chm
- %PROGRAM_FILES%\IDA\is-C2TM2.tmp в %PROGRAM_FILES%\IDA\hintf.bmp
- %PROGRAM_FILES%\IDA\is-D3OAF.tmp в %PROGRAM_FILES%\IDA\ida.exe
- %PROGRAM_FILES%\IDA\is-4L2L0.tmp в %PROGRAM_FILES%\IDA\unins000.exe
- %PROGRAM_FILES%\IDA\is-DNSKN.tmp в %PROGRAM_FILES%\IDA\bcheck.dll
- %PROGRAM_FILES%\IDA\is-KCDGR.tmp в %PROGRAM_FILES%\IDA\idaie.dll
- %PROGRAM_FILES%\IDA\is-OMK5V.tmp в %PROGRAM_FILES%\IDA\idaie.htm
- %PROGRAM_FILES%\IDA\is-UNNAM.tmp в %PROGRAM_FILES%\IDA\typeconn.cfg
- %PROGRAM_FILES%\IDA\is-C6152.tmp в %PROGRAM_FILES%\IDA\nodelist.xml
- %PROGRAM_FILES%\IDA\is-S21JA.tmp в %PROGRAM_FILES%\IDA\lvcolors.cfg
- %PROGRAM_FILES%\IDA\Plugins\is-3JV02.tmp в %PROGRAM_FILES%\IDA\Plugins\advscheduler.chm
- %PROGRAM_FILES%\IDA\Plugins\is-U37RA.tmp в %PROGRAM_FILES%\IDA\Plugins\advscheduler.dll
- %PROGRAM_FILES%\IDA\Skins\is-CE2V9.tmp в %PROGRAM_FILES%\IDA\Skins\Standard2.skn
- %PROGRAM_FILES%\IDA\Sounds\is-HAVCM.tmp в %PROGRAM_FILES%\IDA\Sounds\error.wav
- %PROGRAM_FILES%\IDA\Skins\is-UAQBI.tmp в %PROGRAM_FILES%\IDA\Skins\Standard.skn
- %PROGRAM_FILES%\IDA\Languages\is-K18DO.tmp в %PROGRAM_FILES%\IDA\Languages\Arabic.lng
- %PROGRAM_FILES%\IDA\Languages\is-V9070.tmp в %PROGRAM_FILES%\IDA\Languages\Belarusian.lng
- %PROGRAM_FILES%\IDA\Languages\is-UMK5I.tmp в %PROGRAM_FILES%\IDA\Languages\Albanian.lng
- %PROGRAM_FILES%\IDA\Plugins\is-B8BNN.tmp в %PROGRAM_FILES%\IDA\Plugins\remotedownload.chm
- %PROGRAM_FILES%\IDA\Plugins\is-8PTAV.tmp в %PROGRAM_FILES%\IDA\Plugins\remotedownload.dll
- %PROGRAM_FILES%\IDA\is-TSJHN.tmp в %PROGRAM_FILES%\IDA\flvplayer.swf
- %PROGRAM_FILES%\IDA\is-JQNG0.tmp в %PROGRAM_FILES%\IDA\playflv.html
- %PROGRAM_FILES%\IDA\is-3S7BT.tmp в %PROGRAM_FILES%\IDA\remdown.htm
- %PROGRAM_FILES%\IDA\is-PNQ2T.tmp в %PROGRAM_FILES%\IDA\unzip32.dll
- %PROGRAM_FILES%\IDA\is-MRLH6.tmp в %PROGRAM_FILES%\IDA\html.htm
- %PROGRAM_FILES%\IDA\Sounds\is-D9E0H.tmp в %PROGRAM_FILES%\IDA\Sounds\alldone.wav
- %PROGRAM_FILES%\IDA\Sounds\is-S8JBB.tmp в %PROGRAM_FILES%\IDA\Sounds\done.wav
- %PROGRAM_FILES%\IDA\Sounds\is-1TTUQ.tmp в %PROGRAM_FILES%\IDA\Sounds\add.wav
- %PROGRAM_FILES%\IDA\is-17MDK.tmp в %PROGRAM_FILES%\IDA\swfobject.js
- %PROGRAM_FILES%\IDA\is-O6H14.tmp в %PROGRAM_FILES%\IDA\playflvimg.jpg
Окна, заданные именем класса и заголовком (по-видимому, список окон, которые ищет образец):
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''